package com.cy.improve.demos.web.xxlJob.utils;

import com.alibaba.fastjson2.JSON;
import com.alibaba.fastjson2.JSONObject;

import java.time.LocalDateTime;
import java.time.ZoneOffset;
import java.time.format.DateTimeFormatter;
import java.util.Random;

public class LogGenerator {

    private static final Random random = new Random();
    private static final String[] SIGNATURES = {
            "SQL Injection Attack",
            "Cross-Site Scripting",
            "Denial of Service",
            "Unauthorized Access Attempt"
    };
    private static final String[] MESSAGES = {
            "Detected possible SQL injection attack from IP ",
            "Detected cross-site scripting attempt from IP ",
            "Detected denial of service attack from IP ",
            "Detected unauthorized access attempt from IP "
    };

    private static String generateRandomIP() {
        return random.nextInt(256) + "." + random.nextInt(256) + "." + random.nextInt(256) + "." + random.nextInt(256);
    }

    private static String generateRandomString(int length) {
        String characters = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
        StringBuilder result = new StringBuilder();
        for (int i = 0; i < length; i++) {
            result.append(characters.charAt(random.nextInt(characters.length())));
        }
        return result.toString();
    }

    private static String generateRandomTimestamp() {
        LocalDateTime now = LocalDateTime.now();
        LocalDateTime randomTime = now.minusSeconds(random.nextInt(60 * 60 * 24)); // Random time within the last 24 hours
        return randomTime.atOffset(ZoneOffset.UTC).format(DateTimeFormatter.ISO_INSTANT);
    }


    public static String generateSecurityLog() {
        // Create a JSONObject to store log information

        JSONObject logObject = new JSONObject();

        // Add basic properties with random values
        logObject.put("timestamp", generateRandomTimestamp());
        logObject.put("event_type", "intrusion_detection");
        logObject.put("source_ip", generateRandomIP());
        logObject.put("destination_ip", generateRandomIP());
        logObject.put("protocol", random.nextBoolean() ? "TCP" : "UDP");
        logObject.put("source_port", random.nextInt(65535));
        logObject.put("destination_port", random.nextInt(65535));
        logObject.put("packet_size", random.nextInt(1500) + 20); // Typical MTU size
        logObject.put("action", random.nextBoolean() ? "alert" : "block");
        logObject.put("severity", random.nextBoolean() ? "high" : "medium");

        int signatureIndex = random.nextInt(SIGNATURES.length);
        logObject.put("signature_id", random.nextInt(1000000));
        logObject.put("signature", SIGNATURES[signatureIndex]);
        logObject.put("message", MESSAGES[signatureIndex] + logObject.getString("source_ip") + " to " + logObject.getString("destination_ip"));

        // Create a JSONObject to store additional information
        JSONObject additionalInfo = new JSONObject();
        additionalInfo.put("http_method", random.nextBoolean() ? "POST" : "GET");
        additionalInfo.put("url", random.nextBoolean() ? "/login.php" : "/index.php");
        additionalInfo.put("user_agent", "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3");
        additionalInfo.put("referrer", "http://example.com");
        additionalInfo.put("cookie", "sessionid=" + generateRandomString(6) + "; user_id=" + generateRandomString(6));
        additionalInfo.put("response_code", random.nextBoolean() ? 403 : 200);
        additionalInfo.put("response_message", random.nextBoolean() ? "Forbidden" : "OK");

        // Add additional information to the log object
        logObject.put("additional_info", additionalInfo);

        // Return JSON string
        return JSON.toJSONString(logObject); // Using 4 spaces for indentation
    }

}
